All work

Fuze: EU AI Act compliance for AI agents

Open-source SDK and platform that lets AI-agent deployers prove EU AI Act compliance from runtime evidence, not policy documents. Drop-in adapters for OpenAI Agents, LangGraph, CrewAI and Google ADK; hash-chained, Ed25519-signed traces mapped to Articles 9, 12, 13, 14, 15, 26, 27, 72 and 73. Enforcement begins 2 August 2026.

Visit fuze-ai.tech

Fuze: Prove compliance. Continuously.

EU AI Act compliance platform for AI-agent deployers. Instrument the agent stacks you already run; emit signed runtime evidence mapped to every applicable Article. In active development.

Fuze

What Fuze is

Fuze connects to your instrumented agents and generates real-time compliance evidence for every applicable EU AI Act Article. No paperwork, no after-the-fact audits — every inference, decision, and override is captured as signed evidence mapped to the obligation it satisfies.

The product splits into three things you actually do:

  • Classify. A free five-minute screener walks through Annex III, GPAI, and the prohibited-practices list and lands on the correct risk tier.
  • Instrument. Drop-in adapters for OpenAI Agents, LangGraph, CrewAI, and Google ADK; a framework-agnostic SDK if your stack is custom. One decorator (guard()), zero config, full audit trail — including loop detection, budget enforcement, and side-effect compensation.
  • Comply. A live posture dashboard fed by hash-chained, HMAC-signed evidence. Run-roots are Ed25519-signed; approvals are replay-protected by construction.

Fuze Agent

The accompanying agent runtime is built around six primitives: Tool, Model, Agent, Memory, Guardrail, Tracer. A compliant agent is ~10 lines: wrap any async function as a tool, compose with quickAgent, run. The same evidence shape holds from quickstart to production, across Dev, Cloud, and EU Sovereign deployment tiers.

Article coverage

Every feature maps to a specific binding obligation. Today the platform covers:

  • Article 9 — Risk Management System
  • Article 12 — Record-Keeping (hash-chained, HMAC-signed trail)
  • Article 13 — Transparency and information to deployers
  • Article 14 — Human Oversight (kill switch + intervention logs)
  • Article 15 — Accuracy, Robustness, Cybersecurity
  • Article 26 — Deployer obligations for high-risk systems
  • Article 27 — Fundamental Rights Impact Assessment
  • Article 72 — Post-Market Monitoring (cross-run pattern analysis)
  • Article 73 — Reporting of Serious Incidents

Why runtime evidence

Consultants fill in forms. Enterprise GRC suites manage policy documents. Both stop at the point where an auditor would actually start asking questions. Fuze's source of truth is the agent's actual runtime behaviour, updated continuously rather than at quarterly review cadence.

Evidence, not assurances.

Open source at the core

The SDK is MIT-licensed, runs offline, and ships with 300+ tests. Runtime data never leaves your infrastructure unless you explicitly opt in.

npm install fuze-ai
pip install fuze-ai

The managed API and dashboard are free during early access — 100K API requests/month, 1M agent traces/month, 50 GB egress, 90-day retention, EU-hosted, no card.

Why now

Enforcement of the EU AI Act for high-risk systems begins 2 August 2026. Fines reach €35M or 7% of global turnover. Until enforcement, deployers can adopt Fuze as a free early-access product, build the runtime spine of their compliance posture, and walk into August 2026 with an audit trail rather than a folder of attestations.

Built for the EU, from the EU. More at fuze-ai.tech.